From: Seamus Lee Date: Tue, 16 Jul 2019 14:39:08 +0000 (+1000) Subject: Ensure that if present the HTTP_X_FORWARDED_FOR IP address is used instead of the... X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=e7ecda7578ea72738e2791e2b15612d907ae8ced;p=civicrm-core.git Ensure that if present the HTTP_X_FORWARDED_FOR IP address is used instead of the SERVER_ADDR when logging items from the IDS Update Core IP address to match IDS Pattern --- diff --git a/CRM/Core/IDS.php b/CRM/Core/IDS.php index 4d0d513e2c..02e9730d2d 100644 --- a/CRM/Core/IDS.php +++ b/CRM/Core/IDS.php @@ -247,10 +247,8 @@ class CRM_Core_IDS { * @return bool */ private function log($result, $reaction = 0) { - $ip = (isset($_SERVER['SERVER_ADDR']) && - $_SERVER['SERVER_ADDR'] != '127.0.0.1') ? $_SERVER['SERVER_ADDR'] : ( - isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '127.0.0.1' - ); + // Include X_FORWARD_FOR ip address if set as per IDS patten. + $ip = $_SERVER['REMOTE_ADDR'] . (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? ' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')' : ''); $data = []; $session = CRM_Core_Session::singleton();